Re: [PATCH] IPA ICF: memory leak fix

Sat, 22 Nov 2014 07:02:13 -0800 

On 11/22/2014 10:09 AM, Markus Trippelsdorf wrote:
> On 2014.11.22 at 09:05 +0100, Martin Liška wrote:
>> Hello.
>>
>> Following patch removes memory leak that was introduced by very first IPA 
>> ICF patch.
>> I would like to thank David for hunting the leak.
>>
>> Patch an bootstrap on x86_86-linux-pc and no regression is introduced.
> 
> I gave the patch a quick spin on gcc112:
> 
> *** Error in `/home/trippels/gcc_build_dir/./prev-gcc/lto1': free(): invalid 
> next size (fast): 0x000001000a5fc160 ***
> ======= Backtrace: =========
> /lib64/libc.so.6(+0xa3d9c)[0x3fff7b6b3d9c]
> /lib64/libc.so.6(+0xaf0b4)[0x3fff7b6bf0b4]
> /home/trippels/gcc_build_dir/./prev-gcc/lto1(_ZN3vecIi7va_heap6vl_ptrE7releaseEv-0x1d4bc00)[0x1025dd88]
> /home/trippels/gcc_build_dir/./prev-gcc/lto1(_ZN7ipa_icf12sem_function14equals_privateEPNS_8sem_itemER8hash_mapIP11symtab_nodeS2_22default_hashmap_traitsE-0x9c083c)[0x116586bc]
> /home/trippels/gcc_build_dir/./prev-gcc/lto1(_ZN7ipa_icf12sem_function6equalsEPNS_8sem_itemER8hash_mapIP11symtab_nodeS2_22default_hashmap_traitsE-0x9c0578)[0x11658998]
> /home/trippels/gcc_build_dir/./prev-gcc/lto1(_ZN7ipa_icf18sem_item_optimizer7executeEv-0x9b8774)[0x11660a84]
> /home/trippels/gcc_build_dir/./prev-gcc/lto1(_ZN7ipa_icf12pass_ipa_icf7executeEP8function-0x9b0314)[0x11668efc]
> /home/trippels/gcc_build_dir/./prev-gcc/lto1(_Z16execute_one_passP8opt_pass-0x1647588)[0x1098a0a8]
> /home/trippels/gcc_build_dir/./prev-gcc/lto1(_Z21execute_ipa_pass_listP8opt_pass-0x1644c2c)[0x1098ca7c]
> /home/trippels/gcc_build_dir/./prev-gcc/lto1(_Z8lto_mainv-0x1df20e4)[0x101b494c]
> /home/trippels/gcc_build_dir/./prev-gcc/lto1[0x10b599b8]
> /home/trippels/gcc_build_dir/./prev-gcc/lto1(_ZN6toplev4mainEiPPc-0x1e8be70)[0x101507b8]
> /home/trippels/gcc_build_dir/./prev-gcc/lto1(main-0x1ec8d8c)[0x1015493c]
> /lib64/libc.so.6(+0x447ac)[0x3fff7b6547ac]
> /lib64/libc.so.6(__libc_start_main-0x19cbf4)[0x3fff7b6549d4]
> ======= Memory map: ========
> ...
> 

Hello.

Thank you for testing, problem is that I should grow the vector by 1, because 
'0' is used as NULL value.

Please try my fixed patch.

Thanks,
Martin

>From 7280e2c8de246c72d2608b5c58590f4fabaf6234 Mon Sep 17 00:00:00 2001
From: mliska <mli...@suse.cz>
Date: Fri, 21 Nov 2014 16:04:06 +0100
Subject: [PATCH] IPA ICF: memory leak fix

gcc/ChangeLog:

2014-11-21  David Malcolm  <dmalc...@redhat.com>
	    Martin Liska  <mli...@suse.cz>

	* ipa-icf.c (sem_function::equals_private): auto_vec<int> replaces
	int* allocated with XNEWVEC.
	(sem_function::bb_dict_test): Likewise.
	* ipa-icf.h: Likewise.
---
 gcc/ipa-icf.c | 18 +++++++++++++-----
 gcc/ipa-icf.h |  2 +-
 2 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/gcc/ipa-icf.c b/gcc/ipa-icf.c
index e0633e7..c8060bf 100644
--- a/gcc/ipa-icf.c
+++ b/gcc/ipa-icf.c
@@ -410,7 +410,6 @@ sem_function::equals_private (sem_item *item,
   basic_block bb1, bb2;
   edge e1, e2;
   edge_iterator ei1, ei2;
-  int *bb_dict = NULL;
   bool result = true;
   tree arg1, arg2;
 
@@ -489,8 +488,11 @@ sem_function::equals_private (sem_item *item,
   /* Basic block edges check.  */
   for (unsigned i = 0; i < bb_sorted.length (); ++i)
     {
-      bb_dict = XNEWVEC (int, bb_sorted.length () + 2);
-      memset (bb_dict, -1, (bb_sorted.length () + 2) * sizeof (int));
+      auto_vec<int> bb_dict;
+      /* Size of bb_dict is number of basic blocks plus
+         2 for entry and exit block and plus one because
+	 '0' is used as NULL value.  */
+      bb_dict.safe_grow_cleared (bb_sorted.length () + 3);
 
       bb1 = bb_sorted[i]->bb;
       bb2 = m_compared_func->bb_sorted[i]->bb;
@@ -957,9 +959,15 @@ sem_function::icf_handled_component_p (tree t)
    corresponds to TARGET.  */
 
 bool
-sem_function::bb_dict_test (int* bb_dict, int source, int target)
+sem_function::bb_dict_test (auto_vec<int> &bb_dict, int source, int target)
 {
-  if (bb_dict[source] == -1)
+  /* bb_dict is cleared with zeros, so that source and target are
+     incremented. bb_dist is used to verify that edges in source and
+     target function correspond. */
+
+  source++;
+  target++;
+  if (bb_dict[source] == 0)
     {
       bb_dict[source] = target;
       return true;
diff --git a/gcc/ipa-icf.h b/gcc/ipa-icf.h
index 046e858..75db93a 100644
--- a/gcc/ipa-icf.h
+++ b/gcc/ipa-icf.h
@@ -275,7 +275,7 @@ private:
 
   /* Basic blocks dictionary BB_DICT returns true if SOURCE index BB
      corresponds to TARGET.  */
-  bool bb_dict_test (int* bb_dict, int source, int target);
+  bool bb_dict_test (auto_vec<int> &bb_dict, int source, int target);
 
   /* Iterates all tree types in T1 and T2 and returns true if all types
      are compatible. If COMPARE_POLYMORPHIC is set to true,
-- 
2.1.2

Reply via email to